The Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 (Cth) (‘the Act’) which passed last year in the expectation that it would be revised in early 2019, remains unchanged. The interim report by the Parliamentary Joint Committee on Intelligence and Security (‘PJCIS’) has a deadline of June 2020 to review amendments to the Act. The Act grants ASIO and Federal, State and Territory law enforcement, greater powers to intercept and monitor encrypted communications such as those sent through WhatsApp, Telegram and Signal.
The PJCIS’s extended timeframe for review comes as a briefing by the Department of Home Affairs, recently revealed in the media following a freedom of information request, shows that law enforcement and intelligence agencies have taken an expansive view of the Act. The briefing reveals that relevant authorities may use the powers under the Act to compel a broad range of companies including social media giants, device manufacturers, telcos, retailers and providers of free wifi, to make available information on users on the basis these companies are ‘designated communications providers’.
Examples of what type of assistance that relevant authorities may require include:
- a social media company helping to automate the creation of fake accounts;
- a mobile carrier increasing the data allowance on a device so surveillance doesn’t consume users’ data;
- blocking internet messages to force a device to send messages as unencrypted SMSes; and
- a data centre providing access to computer racks to allow installation of surveillance devices.
The briefing compounds concerns expressed by the technology industry that the potentially expansive scope of the Act will decrease protection in Australia, exposing their products to systemic weaknesses, and deter companies from storing data in Australia, negatively impacting the Australian technology economy. Microsoft’s president and chief legal officer, Brad Smith, has said that while the Act has not impacted the way his company has operated to date, customers have expressed ongoing worries and requests have been made for Microsoft to build more data centres in other countries.
The Act comes amidst the Australian Government taking a more interventionist role in the regulation of online communications and content. Jacinda Ardern and Emmanuel Macron’s ‘Christchurch Call’ earlier this year urged world leaders and technology companies to pledge greater action to eliminate terrorist and violent extremist content online. In recent months, in addition to the powers to intercept and monitor encrypted communications under the Act, Australia has introduced the Criminal Code Amendment (Sharing of Abhorrent Violent Material) Act 2019 (Cth), which amends the Criminal Code Act 1995 (Cth) to criminalise the hosting and streaming of ‘abhorrent violent material’ in certain circumstances.
With the PJCIS review not set to report until 2020, it is unknown, in the near term, how the Act may be amended. What is clear, however, is that the Australian Government is actively reconsidering how national security laws need to be reformed to meet the exigencies of contemporary forms of communication.
Authors: Andrew Hii, Samantha Karpes and Asha Keaney